The National Telecommunications and Information Administration (NTIA) of the Department of Commerce has been working on mobile privacy issues, and recently had another meeting with privacy advocates, industry participants, and privacy stakeholders to discuss best practices in the sector. Earlier this year the NTIA had announced its wish to create a "Mobile Application Transparency Code of Conduct," which would contain a series of best practices regarding the collection and use of consumer's personal information through mobile apps. NTIA met recently to review the newest draft of the Code with key stakeholders. Currently, one of the Code's best practice recommendations is that a mobile app provider, or marketer that collects personally identifiable data in an app, give consumers both short and comprehensive notice of its data use and collection. The recent meeting addressed some issues that are of interest to those in the mobile space, including whether or not the Code should recommend both a short-form and a long-form privacy notice, if there is a short-form notice should be standardized across all companies or editable, where "mobile devices" should include "similar portable computing devices," whether service providers should be subject to the Code, and whether the short-form notice (if there is one) should be provided to consumers when they download the app. The NTIA's next meeting on the Code will occur on December 17, 2012 and will look at the short-form notice in more depth.
Tip: Companies engaged in the mobile space should consider participating in the NTIA's conversation. Although any Code would not be binding, it could set the stage for industry "best practice" standards which could impact many in the industry. Issues like having both short and long form notices are worth looking at, as multiple notices could place additional burdens on companies to manage more privacy disclosures.